Open-Source Security Testing Methodology Manual. Created by http://www.isecom.org.
Open-Source Security Testing Methodology Manual
See OSSTMM.
passive reconnaissance
Information gathering on a potential target in a noninvasive way, such as eavesdropping on a conversation.
penetration tester
An ethical hacker engaged by an organization to seek out potential vulnerabilities in its network infrastructure.
Perl
A high-level, interpreted, procedural scripting language.
PGP
Pretty Good Privacy. A program that provides cryptographic privacy and means of authentication.
phishing
A form of social engineering attack that attempts to fraudulently acquire secure personal information such as passwords and credit card details by impersonating someone trustworthy, such as your bank.
PKI
Public Key Infrastructure. An arrangement that provides for third-party vetting and validation of user identities. It also allows public keys to be bound to users. These public keys are typically in certificates.
port scanner
A tool designed to probe a host for open TCP or UDP ports.